Use System Users for Webinterface Auth

2025-05-11 10:58:21 +00:00 · 2023-05-14 03:24:58 +02:00 · 2023-05-14 03:24:58 +02:00 · 0e5cd1d3a5
commit 0e5cd1d3a5
parent bd26cf893d
4 changed files with 13 additions and 8 deletions
--- a/internal/server/api.go
+++ b/internal/server/api.go
@ -12,7 +12,6 @@ import (
 )
 func HandleAPI(w http.ResponseWriter, r *http.Request) {
 	slog.Info("Api Handler hit")
 	_, s := session.GetSession(r)
 	if s == nil {
 		// Fallthrough after so that jsonrpc can still deliver a valid jsonrpc error
--- a/internal/server/server.go
+++ b/internal/server/server.go
@ -17,11 +17,13 @@ var server http.Server
 var mux = http.NewServeMux()
 var apiHandler *jsonrpc.Handler
 var stopCleanup chan struct{}
 var configManager *config.ConfigManager
-func StartWebserver(configManager *config.ConfigManager, _apiHandler *jsonrpc.Handler) {
+func StartWebserver(_configManager *config.ConfigManager, _apiHandler *jsonrpc.Handler) {
 	server.Addr = ":8080"
 	server.Handler = mux
 	apiHandler = _apiHandler
 	configManager = _configManager
 	// Routing
 	mux.HandleFunc("/login", HandleLogin)
--- a/internal/server/session.go
+++ b/internal/server/session.go
@ -7,6 +7,7 @@ import (
 	"time"
 	"golang.org/x/exp/slog"
 	"nfsense.net/nfsense/internal/auth"
 	"nfsense.net/nfsense/internal/session"
 )
@ -27,13 +28,16 @@ func HandleLogin(w http.ResponseWriter, r *http.Request) {
 		slog.Error("Unmarshal", err)
 		return
 	}
-	if req.Username == "admin" && req.Password == "12345" {
+	err = auth.AuthenticateUser(configManager.GetCurrentConfig(), req.Username, req.Password)
-		slog.Info("User Login Successfull")
+	if err != nil {
-		session.GenerateSession(w, req.Username)
+		slog.Error("User Login failed", "err", err, "username", req.Username)
-		w.WriteHeader(http.StatusOK)
+		w.WriteHeader(http.StatusUnauthorized)
 		return
 	}
-	w.WriteHeader(http.StatusUnauthorized)
+
 	slog.Info("User Login Successful", "username", req.Username)
 	session.GenerateSession(w, req.Username)
 	w.WriteHeader(http.StatusOK)
 }
 func HandleLogout(w http.ResponseWriter, r *http.Request) {
--- a/internal/session/session.go
+++ b/internal/session/session.go
@ -18,7 +18,7 @@ const SessionLifeTime = time.Minute * 15
 type Session struct {
 	Username string
 	Expires  time.Time
-	// TODO Add []websocket.Conn pointer to close all active websockets, alternativly do this via context cancelation
+	// TODO Add []websocket.Conn pointer to close all active websockets, alternatively do this via context cancelation
 }
 type SessionResponse struct {